Use a Smartphone? You Could be a Victim of “Smishing”

You’ve likely heard of “phishing,” the method by which identity thieves use phony e-mails to “fish” for personal information. But as the Better Business Bureau warns, the rise of Smartphones has led to a dramatic increase in a new kind of scam dubbed “smishing.”

What is Smishing?

Smishing, or SMS phishing, involves fraudulent text messages designed to mislead recipients into giving up sensitive personal information such as credit card or bank account information. Scammers often pose as banks or cell phone companies and trick victims into giving up private information through “urgent” requests and bogus web links.

One common example of this scam is a deceptive text—disguised as being from the recipient’s bank—which asks for the victim’s PIN in order to supposedly “reactivate” their ATM card. Other scams try to lure victims into clicking on fake links which can compromise any data stored on the person’s Smartphone. One click on a bad link, and your bank account information, credit card number, or even your contacts could fall into the hands of criminals.

How Can You Avoid Smishing Scams?

The most powerful weapon against smishing is use of your own judgment. Most banks and cell phone companies won’t ask you for sensitive information via text message, so if you receive a text of this nature, this should raise a red flag. If a text features a URL link, do not immediately open it. Be careful to compare the URL to that of the company’s official website. If the link in the message doesn’t match the official website, it could be a fake. Another warning sign: watch out for text messages from “5000” or non-cellular phone numbers.

If you are worried about your employees becoming victims of smishing, training is available to help your company protect itself from theft. IT departments can use software which creates mock fraudulent texts to send to employees. If the recipient opens the text, they receive a special message which alerts them to their mistake and reminds them of the signs of smishing they should have noticed. Similar training technology has previously been used to prevent e-mail phishing.

What Should You Do if You Suspect Smishing?

First, it is extremely important that you ignore the text completely. Do not click on any links. Do not even reply “NO” or “STOP” in response to questions. Next, contact the company in question, not only to get confirmation that the text is bad, but also to help alert other customers to the danger. You can also report scammers’ messages to your carrier by forwarding them to 7726 (SPAM).

Methods of abusing technology for malicious purposes evolve almost as quickly as the technology itself. However, if you text thoughtfully and click carefully, you can stay one step ahead of potential thieves.

References:

http://www.bbb.org/blog/2013/07/bbb-alerts-consumers-to-smishing-text-scams-leading-to-identity-theft/

http://www.networkworld.com/article/2164211/infrastructure-management/how-to-avoid-becoming-a-victim-of-smishing-sms-phishing.html?page=2

http://finance.yahoo.com/news/smishing-serious-identity-theft-scheme-110046141.html